Spirit Guide

Security & Zero-Knowledge Architecture

Spirit Guide is designed so we cannot read your estate vault—even if compelled. Your manual lives on your device; handoff files are encrypted before download.

What we never do

  • Store your vault on our servers
  • Transmit passwords or account numbers to Spirit Guide
  • Upload encrypted files from /unlock to our infrastructure
  • Reset or recover your handoff password

Encrypted export spec

Algorithm: AES-256-GCM

Key derivation: PBKDF2 · SHA-256 · 310,000 iterations

Salt: 16 bytes (random per export)

IV: 12 bytes (random per export)

Format: JSON bundle (v1, product: spiritguide_legacy)

Executor unlock (/unlock)

Decryption uses the Web Crypto API in the executor's browser. The file is read via FileReader locally. We recommend sharing the password through a separate channel from the file.
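
The export spec and the /unlock flow above, sketched with the Web Crypto API as an added example (not Spirit Guide's own code). The JSON field names v, product, salt, iv and ct and the base64 encoding are assumptions; only the version, the product string and the cryptographic parameters come from this page.

```javascript
// Added example. Bundle field names (v, product, salt, iv, ct) and base64
// encoding are assumptions; the parameters come from the spec above.
const ITERATIONS = 310000, SALT_LEN = 16, IV_LEN = 12;
const b64 = (u8) => btoa(Array.from(u8, (c) => String.fromCharCode(c)).join(''));
const unb64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

async function webCrypto() {
  // Browsers and recent Node expose globalThis.crypto; older Node needs the import.
  return globalThis.crypto?.subtle ? globalThis.crypto
    : (await import('node:crypto')).webcrypto;
}

async function deriveKey(wc, password, salt) {
  const material = await wc.subtle.importKey(
    'raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations: ITERATIONS },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

async function sealBundle(password, plaintext) {
  const wc = await webCrypto();
  const salt = wc.getRandomValues(new Uint8Array(SALT_LEN)); // fresh per export
  const iv = wc.getRandomValues(new Uint8Array(IV_LEN));     // fresh per export
  const key = await deriveKey(wc, password, salt);
  const ct = await wc.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(plaintext));
  return JSON.stringify({ v: 1, product: 'spiritguide_legacy',
    salt: b64(salt), iv: b64(iv), ct: b64(new Uint8Array(ct)) });
}

async function openBundle(password, json) {
  const wc = await webCrypto();
  const b = JSON.parse(json);
  // Reject unknown bundles and off-spec parameters before any key derivation.
  if (b.v !== 1 || b.product !== 'spiritguide_legacy') throw new Error('unsupported bundle');
  const salt = unb64(b.salt), iv = unb64(b.iv);
  if (salt.length !== SALT_LEN || iv.length !== IV_LEN) throw new Error('bad salt/IV length');
  const key = await deriveKey(wc, password, salt);
  // GCM verifies the tag: a wrong password or a modified file rejects here.
  const pt = await wc.subtle.decrypt({ name: 'AES-GCM', iv }, key, unb64(b.ct));
  return new TextDecoder().decode(pt);
}
```

A wrong password and a tampered file fail the same way (the GCM tag check rejects), so the executor cannot tell the two apart from the error alone.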

No Passwords Stored · Your Data Stays on Your Device
